Hello everyone. I may or may not have found a security vulnerability in a web application. Where should I report that? Keep in mind I’m just a hobbyist and my profession is not related to any of that stuff.

The project has a GitHub page and the Security tab exists. Should I directly report it there? It also has a SECURITY.md file, simply stating to send an email with the details to some address. Should I send it there? I also want some credit for this discovery, so I suppose that it’s kinda risky sending it via e-mail, since they could just patch it, without mentioning anything. Also, I may develop a little proof of concept. Should I make it public from the beginning?

Thanks in advance.

There are some times that I make something and the terminal isn’t enough. I want to make it user-friendly and add buttons and dropdowns and stuff. I mainly write C, so I want a well-known and good GUI library for C. I have tried learning Qt but the documentation was awful and all the examples were for C++ or Python. I also am aware about libraries like imgui but it’s more for debugging UIs I think and not for normal applications that end users use.

I also would like the library to be platform-agnostic, or at least just work with Linux because that’s what I am using.

If you also code in C, what do you use to make GUIs? What do you suggest me to use?

Thanks in advance.

Also, if anyone suggests Electron or anything involving a browser, I will find them and remove one electron from each atom of theirs, turning them into smoke.